A) A decoy system designed to attract and monitor hackers
B) A tool to protect user passwords
C) A device to scan for malware
D) An encryption tool for user data
Answer: A
57. What is the purpose of SSL/TLS in web security?
A) To secure communications over a network by encrypting data
B) To speed up the loading of web pages
C) To provide automatic backup for websites
D) To detect and block malware
Answer: A
58. Which attack attempts to overwhelm a network or service with excessive traffic?
A) Distributed Denial of Service (DDoS)
B) Cross-Site Scripting (XSS)
C) SQL Injection
D) Brute-force attack
Answer: A
59. What is the role of a firewall in network security?
A) To block unauthorized access to a network
B) To manage website cookies
C) To provide encryption for email communication
D) To compress data for faster transfer
Answer: A
60. Which of the following is a physical form of evidence in digital forensics?
A) Hard disk
B) IP address
C) Network packet
D) Digital signature
Answer: A
61. What is a session hijacking attack?
A) An attacker takes over a user’s active session by stealing session cookies
B) An attack to reset the server
C) An attack using brute force to guess passwords
D) A method to stop a user session
Answer: A
62. Which cryptographic method uses the same key for encryption and decryption?
A) Symmetric encryption
B) Asymmetric encryption
C) Hashing
D) Steganography
Answer: A
63. What is the primary purpose of log files in web forensics?
A) To record and track user and system activity for later analysis
B) To speed up web page access
C) To improve website SEO
D) To manage cookies
Answer: A
64. What does OWASP stand for?
A) Open Web Application Security Project
B) Online Website Attack Prevention System
C) Open Web Authorization Standard Protocol
D) Organized Web Access Security Project
Answer: A
65. What does an attacker aim to achieve with SQL Injection?
A) Access or modify the database through malicious SQL queries
B) Spoof DNS records
C) Encrypt website content
D) Hide sensitive user data
Answer: A
66. What is an Advanced Persistent Threat (APT)?
A) A long-term, targeted attack on an organization by a well-funded adversary
B) A random malware attack
C) An attack focused on email servers
D) A way to prevent Denial of Service attacks
Answer: A
67. What is the function of a vulnerability scanner?
A) To identify weaknesses in a network or system
B) To encrypt network traffic
C) To manage server logs
D) To block malware attacks
Answer: A
68. What is Cross-Site Scripting (XSS)?
A) An attack where an attacker injects malicious scripts into web pages viewed by others
B) An attack on web server databases
C) An attempt to hijack user sessions
D) A method to hide data within web pages
Answer: A
69. Which of the following is used to ensure data integrity in web security?
A) Hashing
B) VPN
C) DNS
D) Session cookies
Answer: A
70. What is a forensic analysis of volatile memory used to detect?
A) Malware or evidence present in RAM
B) Hard drive failure
C) Network traffic spikes
D) Website performance issues
Answer: A
71. What is a certificate authority (CA)?
A) An organization that issues digital certificates to verify identities
B) A tool to analyze network traffic
C) A device for blocking malware
D) A software program for managing servers
Answer: A
72. What is the purpose of encryption in web security?
A) To protect data from unauthorized access by converting it into an unreadable format
B) To create a backup of user data
C) To increase website speed
D) To scan for malware on a server
Answer: A
73. What is the role of intrusion prevention systems (IPS)?
A) To detect and prevent malicious activities in real time
B) To create a log of user activity
C) To handle user authentication
D) To manage network bandwidth
Answer: A
74. What is a forensic hash used for?
A) To ensure the integrity of digital evidence
B) To encrypt data
C) To delete unwanted files
D) To speed up network connections
Answer: A
75. What is malware analysis?
A) The process of studying malware to understand its behavior and impact
B) The process of encrypting malware
C) A method for hiding malware from detection
D) A system for blocking malware attacks
Answer: A
76. What is social engineering in the context of web security?
A) Manipulating individuals into revealing confidential information
B) Using social media to improve security
C) Programming social network websites
D) Encrypting data with social network protocols
Answer: A
77. What is a replay attack?
A) An attacker captures and retransmits data to impersonate the sender
B) An attacker modifies server responses
C) An attack that forces a website to crash
D) A method for resetting web traffic
Answer: A
78. What does DDoS mitigation refer to?
A) Measures taken to prevent or minimize the impact of Distributed Denial of Service attacks
B) Techniques for encrypting user data
C) A tool for preventing SQL injection
D) Managing web session cookies
Answer: A
79. What is forensic data carving?
A) A process used to recover data from unallocated space on digital storage
B) Encrypting data for secure communication
C) Deleting sensitive information permanently
D) Splitting large files into smaller parts
Answer: A
80. What does the term “buffer overflow” refer to in web security?
A) A condition where a program writes more data than a buffer can hold, causing system crashes or exploits
B) Compressing data into buffers to save space
C) A method of protecting data during transit
D) An attack that uses excessive server memory
Answer: A
81. What is a vulnerability in the context of web security?
A) A weakness or flaw in a system that can be exploited by attackers
B) A method of encrypting data
C) A secure way to transmit user information
D) An advanced form of firewall
Answer: A
82. What does forensic “write-blocking” ensure?
A) Digital evidence cannot be altered during analysis
B) Data is copied faster
C) Encryption is performed on the hard drive
D) Server traffic is managed effectively
Answer: A
83. What is a “security token” used for?
A) To authenticate a user’s identity for secure access
B) To log user activity
C) To encrypt web pages
D) To prevent session hijacking
Answer: A
84. What is the role of antivirus software in web security?
A) To detect and remove malicious software from a system
B) To encrypt user passwords
C) To monitor web traffic
D) To manage firewalls
Answer: A
85. What is forensic analysis of file metadata used for?
A) To investigate information about the origin, time, and date of file creation and modification
B) To recover deleted emails
C) To compress files for faster analysis
D) To encrypt sensitive information
Answer: A
86. What is “phishing”?
A) A social engineering technique where attackers impersonate legitimate entities to steal sensitive information
B) Encrypting sensitive data
C) A method of scanning email servers
D) A way to analyze web page performance
Answer: A
87. What is the purpose of penetration testing?
A) To assess the security of a system by simulating real-world attacks
B) To encrypt server data
C) To back up website information
D) To analyze web traffic
Answer: A
88. Which protocol provides end-to-end encryption for secure file transfer?
A) Secure File Transfer Protocol (SFTP)
B) Hypertext Transfer Protocol (HTTP)
C) File Transfer Protocol (FTP)
D) Internet Message Access Protocol (IMAP)
Answer: A
89. What is ransomware?
A) Malware that locks a user’s system or files and demands payment to unlock them
B) A system for encrypting sensitive user data
C) Software that prevents malware attacks
D) A firewall configuration tool
Answer: A
90. What is the function of a web application firewall (WAF)?
A) To monitor, filter, and block malicious HTTP traffic to and from a web application
B) To encrypt website traffic
C) To analyze cookies
D) To speed up web server performance
Answer: A
91. What is “packet sniffing”?
A) Capturing and analyzing network packets to monitor traffic
B) Encrypting packets for secure transmission
C) Compressing network traffic
D) Hiding packets from network analysis
Answer: A
92. What is a sandbox in web security?
A) A controlled environment for running untrusted code to observe its behavior without affecting the system
B) A tool to encrypt web traffic
C) A backup system for web servers
D) A method to hide user passwords
Answer: A
93. What does “cross-site scripting” allow attackers to do?
A) Inject malicious scripts into web pages viewed by users
B) Redirect traffic from websites
C) Block HTTPS protocols
D) Encrypt user sessions
Answer: A
94. What is “DNS poisoning”?
A) An attack that corrupts DNS records to redirect traffic to malicious websites
B) Encrypting DNS data for security
C) A technique to speed up DNS resolution
D) A method of hiding web addresses
Answer: A
95. What is a “spoofing attack”?
A) An attacker pretends to be a legitimate source to gain unauthorized access
B) Encrypting traffic to prevent analysis
C) Compressing files for faster transmission
D) A method of blocking IP addresses
Answer: A
96. What is “forensic triage”?
A) Prioritizing and quickly analyzing digital evidence based on its importance
B) Encrypting all forensic data
C) Recovering lost forensic files
D) Monitoring network traffic
Answer: A
97. What is an SSL certificate used for?
A) To authenticate the identity of a website and enable secure encrypted communication
B) To encrypt user passwords
C) To analyze website traffic
D) To back up server data
Answer: A
98. What is “session fixation”?
A) An attack where the attacker fixes a user’s session ID before the user logs in
B) Compressing user sessions for faster processing
C) Encrypting web traffic during user sessions
D) Redirecting user sessions to a different domain
Answer: A
99. What is the primary purpose of intrusion detection systems (IDS)?
A) To monitor and alert administrators of potential security breaches
B) To encrypt web traffic
C) To manage website cookies
D) To perform system backups
Answer: A
100. What does “endpoint security” refer to?
A) Securing individual devices that connect to a network
B) Encrypting network data
C) Monitoring web server performance
D) Blocking website traffic
Answer: A