Cyber Quiz Day 34: Test Your Cybersecurity Knowledge

Welcome to Day 34 of our Cyber Quiz series! Whether you're a security analyst, developer, or IT professional, understanding cybersecurity fundamentals is critical in today's threat landscape. This quiz tests core concepts ranging from cryptography to incident response—essential knowledge for securing digital assets. We'll explore each question in-depth, unpack misconceptions, and provide actionable best practices. Let's dive in!

Table of Contents#

  1. Quiz Questions & Answers
  2. Detailed Explanations
    • Cryptography Fundamentals
    • Network Security
    • Incident Response
    • Secure Coding
    • Threat Modeling
  3. Best Practices & Common Pitfalls
  4. Real-World Scenarios
  5. Conclusion
  6. References

Quiz Questions & Answers#

Question 1: Which cryptographic algorithm provides confidentiality but not authenticity?
A) AES
B) RSA
C) HMAC-SHA256
D) ECDSA

Question 2: When analyzing a suspicious email, which header field helps verify its origin?
A) Subject
B) Received-SPF
C) Date
D) Content-Type

Question 3: During incident response, what’s the FIRST step after detecting a breach?
A) Contain the attack
B) Preserve evidence
C) Notify stakeholders
D) Identify the root cause

Question 4: Which OWASP Top 10 vulnerability arises from improperly sanitized user inputs?
A) Broken Access Control
B) Cryptographic Failures
C) Injection
D) Security Misconfiguration

Question 5: In threat modeling, what does STRIDE stand for?
A) A framework for risk assessment
B) A protocol for secure data transmission
C) A malware analysis technique

Detailed Explanations#

Cryptography Fundamentals#

Answer: A) AES

  • Why? AES (Advanced Encryption Standard) is a symmetric encryption algorithm ensuring confidentiality by scrambling data. It doesn’t inherently provide authenticity (e.g., verifying sender identity). RSA and ECDSA offer authenticity via digital signatures, while HMAC guarantees message integrity.
  • Common Pitfall: Using AES alone without HMAC for encrypted data transfers risks man-in-the-middle attacks.
  • Best Practice: Use AES-GCM or combine AES with HMAC for both confidentiality and integrity.
# Example: Encrypting data with AES and authenticating with HMAC  
from Crypto.Cipher import AES  
from Crypto.Hash import HMAC, SHA256  
 
# Encrypt  
cipher = AES.new(key, AES.MODE_GCM)  
ciphertext, tag = cipher.encrypt_and_digest(data)  
 
# Authenticate  
hmac = HMAC.new(auth_key, digestmod=SHA256)  
hmac.update(ciphertext)

Network Security#

Answer: B) Received-SPF

  • Why? The Received-SPF header validates if the sender’s IP is authorized by the domain’s SPF (Sender Policy Framework) DNS record. This helps detect email spoofing in phishing attacks.
  • Real-World Usage: Tools like DMARC and DKIM build upon SPF to prevent domain impersonation.

Incident Response#

Answer: A) Contain the attack

  • Why? According to the NIST Incident Response Lifecycle (NIST SP 800-61), containment is the first priority to stop the attack from spreading. Evidence preservation follows after initial containment is achieved.
  • Workflow:
    1. Contain the breach
    2. Preserve logs/memory
    3. Eradicate threats
    4. Recover systems
    5. Post-mortem analysis

Secure Coding#

Answer: C) Injection

  • Why? Injection flaws (SQLi, XSS) occur when untrusted inputs execute unintended commands. OWASP recommends:
    • Parameterized queries for SQL
    • Output encoding for web content
    // Safe SQL with PreparedStatement  
String query = "SELECT * FROM users WHERE email = ?";  
PreparedStatement stmt = conn.prepareStatement(query);  
stmt.setString(1, userInput);

Threat Modeling#

Answer: A) STRIDE is a threat classification framework

  • STRIDE Breakdown:
    • Spoofing
    • Tampering
    • Repudiation
    • Information Disclosure
    • Denial of Service
    • Elevation of Privilege
  • Best Practice: Apply STRIDE during design phase using tools like Microsoft Threat Modeling Tool.

Best Practices & Common Pitfalls#

TopicBest PracticeCommon Pitfall
CryptographyUse libsodium or certified libraries; rotate keys quarterlyRolling custom crypto; hardcoded keys
Email SecurityEnforce DMARC policy p=rejectIgnoring SPF/DKIM alignment checks
Incident ResponseMaintain offline backups of critical logsShutting down systems before evidence capture
Secure CodingAdopt SAST/DAST tools; input validationTrusting client-side validation
Threat ModelingUpdate models after architecture changesTreating it as a one-time activity

Real-World Scenarios#

Scenario 1: Ransomware Attack#

Problem: Attackers encrypt databases via SQL injection.
Solution:

  1. Contain: Isolate the DB server.
  2. Eradicate: Patch the vulnerable web app.
  3. Recover: Restore from offline backups.

Scenario 2: Credential Theft#

Problem: Stolen passwords due to phishing.
Solution:

  • Implement MFA (e.g., FIDO2 keys).
  • Monitor for leaked credentials with HaveIBeenPwned API.

Conclusion#

Cybersecurity is a continuous journey. Regular quizzes like this expose knowledge gaps and reinforce critical concepts. Remember:

  • Defense-in-depth > Silver bullet solutions
  • Automate security controls (e.g., CI/CD pipelines with SCA/SAST)
  • Update your threat models quarterly

Stay tuned for Cyber Quiz Day 35!

References#

  1. NIST SP 800-61 (Incident Response)
  2. OWASP Top 10 (2021)
  3. AES Encryption Best Practices (NIST)
  4. Microsoft Threat Modeling Tool
  5. DMARC Official Specification

Disclaimer: Answers reflect industry standards as of 2023. Always contextualize practices to your environment.

2026-06