101. What is "API scraping" in cybersecurity?
- a) Automatically extracting data from unprotected APIs
- b) Encrypting API endpoints
- c) Scanning for API vulnerabilities
- d) Blocking API requests
Answer: A - Mass data collection from APIs lacking rate limits/authentication.
102. Which attack exploits the "JWT null signature" vulnerability?
- a) Bypassing authentication with unsigned tokens
- b) Cracking JWT secrets
- c) Token replay attacks
- d) Algorithm switching
Answer: A - Some systems accept tokens with alg: "none" as valid.
103. What is a "USB drop attack"?
- a) Planting malware-infected USB drives for victims to find
- b) Intercepting USB data transfers
- c) Corrupting USB firmware
- d) Disabling USB ports
Answer: A - Relies on human curiosity to execute malicious payloads.
104. Which tool performs "automated subdomain enumeration"?
- a) Sublist3r
- b) Nmap
- c) Wireshark
- d) Metasploit
Answer: A - Sublist3r aggregates subdomains from search engines and DNS.
105. What is "shadow IT" risk?
- a) Unauthorized use of unsanctioned software/services
- b) Exploiting system shadows
- c) Hidden malware
- d) Dark web monitoring
Answer: A - Employees using unvetted tools (e.g., cloud apps) bypassing security policies.
106. Which vulnerability allows "Web Cache Poisoning"?
- a) Injecting malicious content into caching systems
- b) SQL injection
- c) Cross-site scripting
- d) DNS spoofing
Answer: A - Manipulates cached responses to distribute malware/phishing pages.
107. What is the "ISO 22301" certification?
- a) Business continuity management standard
- b) Penetration testing framework
- c) Malware analysis guideline
- d) Encryption protocol
Answer: A - Ensures organizations can recover from disruptions (e.g., cyberattacks).
108. Which attack exploits "DNS rebinding"?
- a) Bypassing same-origin policy to target internal systems
- b) Corrupting DNS records
- c) Spoofing DNS responses
- d) DDoSing DNS servers
Answer: A - Tricks browsers into communicating with internal IPs via rapidly changing DNS TTLs.
109. What is a "VLAN double-tagging" attack?
- a) Adding two VLAN tags to bypass segmentation
- b) Encrypting VLAN traffic
- c) Spoofing VLAN IDs
- d) Disabling VLAN trunks
Answer: A - The outer tag is stripped by the first switch; the inner tag grants access to the restricted VLAN.
110. Which tool analyzes Android APK files?
- a) Jadx
- b) Wireshark
- c) Nmap
- d) Burp Suite
Answer: A - Jadx decompiles APKs to inspect for malicious code.
111. What is a "Rogue DHCP" attack?
- a) Distributing malicious IP configurations
- b) Spoofing ARP responses
- c) Corrupting DNS records
- d) Flooding DHCP servers
Answer: A - Provides false gateway/DNS settings to intercept traffic.
112. Which vulnerability allows "Open Redirect" attacks?
- a) Unvalidated URL parameters in redirects
- b) SQL injection
- c) Cross-site scripting
- d) CSRF tokens
Answer: A - Tricks users into visiting malicious sites via legitimate-looking redirects.
113. What is the "ISO 27701" certification?
- a) Privacy Information Management System (PIMS)
- b) Network security standard
- c) Malware detection framework
- d) Encryption protocol
Answer: A - Extends ISO 27001 for GDPR/compliance with privacy regulations.
114. Which attack exploits "DNS tunneling"?
- a) Exfiltrating data via DNS queries
- b) Corrupting DNS cache
- c) Spoofing DNS responses
- d) DDoSing DNS servers
Answer: A - Encodes stolen data in subdomains (e.g., data.attacker.com).
115. What is "browser pivoting" in pentesting?
- a) Using victim's browser sessions to access internal networks
- b) Exploiting browser vulnerabilities
- c) Encrypting browser traffic
- d) Scanning for web vulnerabilities
Answer: A - Tools like Metasploit's browser_proxy route attacks through authenticated sessions.
116. Which tool performs "OSINT for email addresses"?
- a) theHarvester
- b) Nmap
- c) Wireshark
- d) John the Ripper
Answer: A - theHarvester scrapes search engines/PGP/key servers for email metadata.
117. What is the "ISO 15408" standard?
- a) Common Criteria for security product evaluation
- b) Network penetration testing
- c) Malware analysis
- d) Cryptographic algorithms
Answer: A - Rates products on assurance levels (EAL1-EAL7) for secure deployments.
118. Which attack exploits "WebSocket hijacking"?
- a) Stealing authenticated WebSocket connections
- b) SQL injection
- c) Cross-site scripting
- d) DNS spoofing
Answer: A - Reuses WebSocket auth tokens for real-time data theft.
119. What is the "ISO 27017" certification?
- a) Cloud security controls
- b) Network segmentation
- c) Malware detection
- d) Physical security
Answer: A - Extends ISO 27002 with cloud-specific guidelines (e.g., CSP shared responsibility).
120. Which header prevents "Cross-Origin Opener Policy" (COOP) bypasses?
- a) Cross-Origin-Opener-Policy
- b) Content-Security-Policy
- c) X-Frame-Options
- d) Strict-Transport-Security
Answer: A - Cross-Origin-Opener-Policy: same-origin isolates window contexts.