Cybersecurity Jeopardy: Security+ Edition

Encryption

Network Security

Social Engineering

Cyber Attacks

Risk Management

100

What encryption standard uses a 128-bit block size and key sizes of 128, 192, or 256 bits? (AES)

What is AES?

100

What type of firewall keeps track of the state of network connections?

What is Stateful Firewall?

100

What is it called when a hacker follows someone into a secure area without authorization?

Tailgating

100

What is the act of secretly transferring data from a system without authorization?

(Data Exfiltration)

100

What is a list of identified risks and their mitigation strategies?

(Risk Register)

200

What is the encryption method that shifts letters by 13 places?

What is ROT13?

200

What type of firewall has three network interfaces: LAN, DMZ, and WAN?

What is Three-homed Firewall?

200

What is the technique where an attacker pretends to be someone else to gain information?

(Impersonation)

200

What type of attack involves modifying a packet to have all possible flags set?

(Christmas Tree Packet)

200

What cybersecurity framework is developed by NIST to guide risk management?

(NIST Risk Management Framework - RMF)

300

What is the strongest form of encryption that can only be used once per message?

What is One-Time Pad - OTP?

300

What security tool redirects malicious domains to a non-routable IP address?

What is DNS Sinkhole?

300

What is a sophisticated phishing attack that targets high-profile individuals?

(Whaling)

300

What type of cyberattack tricks users into visiting a fake version of a legitimate website?

(Pharming)

300

What role is responsible for ensuring an organization complies with data protection laws?

(Data Protection Officer)

400

What encryption mode provides authentication and confidentiality?

What is Galois Counter Mode - GCM?

400

What technique involves spoofing a legitimate device's MAC address?

What is MAC Spoofing?

400

What type of social engineering attack involves creating a false story to gain trust?

(Pretexting)

400

What type of advanced cyber threat remains undetected in a system for a long period?

(Advanced Persistent Threat - APT)

400

What risk management process helps identify and assess security threats?

(Risk Identification)

500

What encryption method encrypts data in fixed-size blocks rather than streaming it?

What is Block Cipher?

500

What type of network attack floods a target with ICMP echo requests?

What is Ping Flood?

500

What kind of attacker is motivated by political or social causes?

(Hacktivist)

500

What device is installed on ATMs or payment terminals to steal card information?

(Skimmer)

500

What is the principle that assumes no entity should be trusted inside or outside the network by default?

(Zero Trust)