#1
Which of the following is NOT a recommended practice for enhancing web browsing security?
Regularly updating the browser and operating system
Using public Wi-Fi networks for sensitive transactions
Enabling browser security features like phishing and malware protection
Using strong, unique passwords for different online accounts
#2
What does HTTPS stand for in the context of web browsing security?
HyperText Transfer Protocol Secure
HyperText Transmission Protocol Server
Highly Encrypted Transfer Protocol Service
High-Speed Transport Protocol System
#3
What is the purpose of a CAPTCHA in web security?
To detect and prevent automated bots from accessing web services
To encrypt sensitive data during transmission
To provide secure authentication for user logins
To monitor network traffic and detect anomalies
#4
Which protocol encrypts data between a user's browser and a website's server for secure communication?
#5
What is the purpose of a VPN (Virtual Private Network) in web browsing security?
To encrypt internet traffic and hide the user's IP address
To increase browsing speed by bypassing network restrictions
To provide secure authentication for websites
To block unwanted advertisements and pop-ups
#6
Which of the following is a common method used by websites to store user authentication information securely?
Storing passwords in plaintext format
Using reversible encryption for passwords
Hashing passwords with a secure hashing algorithm
Sharing passwords via email
#7
Which of the following is a best practice to avoid falling victim to phishing attacks?
Clicking on links in unsolicited emails
Verifying the sender's email address before responding to any requests
Providing personal information requested in suspicious emails
Downloading attachments from unknown senders without scanning them for malware
#8
What is the purpose of a browser's 'private browsing' or 'incognito' mode?
To block unwanted advertisements
To increase browsing speed
To prevent the browser from saving browsing history, cookies, and other data
To automatically clear cache and cookies after each browsing session
#9
What is the purpose of a cross-site scripting (XSS) attack?
To steal user credentials by tricking them into visiting a malicious website
To execute malicious scripts in a victim's web browser
To intercept and alter communication between two parties
To flood a website with fake traffic, making it unavailable to legitimate users
#10
Which of the following is NOT a recommended action to secure a Wi-Fi network?
Using a strong, unique password for network access
Enabling network encryption, such as WPA2 or WPA3
Disabling SSID broadcasting
Setting up an open network without any password
#11
Which of the following is a method to prevent tracking by advertisers while browsing the web?
Using a virtual private network (VPN)
Clearing browser cookies regularly
Disabling JavaScript in the browser settings
Allowing third-party cookies in browser settings
#12
What is the purpose of browser extensions like ad blockers and script blockers in enhancing web browsing security?
To prevent the browser from loading certain types of content that may contain security threats
To increase the browsing speed by blocking unnecessary scripts
To hide the user's IP address to prevent tracking
To encrypt the data exchanged between the browser and web servers
#13
What is a 'zero-day exploit' in the context of web security?
An attack that targets known vulnerabilities in software
A security flaw that has been known and patched for some time
A vulnerability that is exploited before the developer releases a fix or patch
A type of phishing attack that involves deceptive emails
#14
Which of the following is NOT a common authentication factor used in multi-factor authentication (MFA)?
Something you know
Something you have
Something you are
Something you share
#15
What does the term 'pharming' refer to in the context of web security?
A method to intercept and alter communication between two parties
A type of phishing attack that targets a specific individual or organization
A technique used to hijack a website's domain name system (DNS) and redirect users to a fraudulent website
A practice of exploiting software vulnerabilities to gain unauthorized access to a system
#16
What is the purpose of 'sandboxing' in web browsing security?
To isolate potentially malicious code from the rest of the system
To speed up the execution of web applications
To allow websites to access system resources freely
To prevent users from accessing certain websites
#17
What does the term 'man-in-the-middle attack' refer to in web security?
A type of phishing attack that targets high-profile individuals
A technique to intercept communication between two parties without their knowledge
A method to brute-force passwords by trying different combinations
A form of social engineering attack involving impersonation
#18
Which encryption protocol is commonly used to secure email communication?
#19
What is the purpose of a firewall in web security?
To encrypt data transmitted between a user's browser and a website's server
To prevent unauthorized access to or from a private network
To detect and remove malware from a user's device
To track and analyze network traffic for suspicious activity
#20
What does the term 'SQL injection' refer to in web security?
A method to brute-force passwords by trying different combinations
A form of social engineering attack involving impersonation
A technique to exploit vulnerabilities in database queries and execute malicious SQL commands
A type of phishing attack that targets high-profile individuals
#21
Which of the following is a technique used in phishing attacks to deceive users?
Cross-site scripting (XSS)
Clickjacking
SQL injection
Spoofing legitimate websites or email addresses
#22
What is the purpose of a Content Security Policy (CSP) in web security?
To protect against cross-site scripting (XSS) attacks
To encrypt data transmitted between the browser and server
To prevent SQL injection attacks
To detect and block phishing emails
#23
What is the primary goal of a distributed denial-of-service (DDoS) attack?
To gain unauthorized access to a system
To steal sensitive information stored on a server
To overwhelm a website or online service with a flood of traffic, making it unavailable to legitimate users
To install malware on users' devices
#24
What is the purpose of 'clickjacking' in web security attacks?
To trick users into clicking on a disguised link that leads to a malicious website
To intercept and steal sensitive information submitted through online forms
To manipulate search engine rankings by generating fake clicks on specific links
To exploit vulnerabilities in outdated software and gain unauthorized access to a system
#25
Which security protocol is used to secure web browsing sessions by providing encryption and authentication?