Question#1 Both active and passive eavesdropping are types of man-in-the-middle (MITM) attacks. a) True ✅ - Answer b) False Question#2 Encrypting your data prevents hackers from using it, regardless of the eavesdropping method. a) True ✅ - Answer b) False Question#3 A distributed denial-of-service (DDoS) attack targets a server by sending minimal amounts of traffic from a single source. a) True b) False ✅ - Answer Question#4 DDoS attacks often utilize botnets—groups of internet-connected machines infected with malware. a) True ✅ - Answer b) False Question#5 Malware can infect devices only by spreading automatically from one device to another, without user intervention. a) True b) False ✅ - Answer Question#6 Firewall systems and educated users can help prevent malware infections. a) True ✅ - Answer b) False Question#7 A man-in-the-middle attack allows an attacker to eavesdrop or modify communication between two parties without their knowledge. a) True ✅ - Answer b) False Question#8 VPNs and strong encryption can help protect against man-in-the-middle (MITM) attacks. a) True ✅ - Answer b) False Question#9 Phishing attacks usually involve physical theft rather than emails or fake websites. a) True b) False ✅ - Answer Question#10 Checking the reply-to and return-path domains in emails can help prevent phishing attacks. a) True ✅ - Answer b) False Question#11 SQL injection attacks occur when properly validated web inputs are used in SQL statements. a) True b) False ✅ - Answer Question#12 One common test for SQL injection vulnerability is using the ' character in a field to check for errors. a) True ✅ - Answer b) False Question#13 Session hijacking is unrelated to MITM attacks and always occurs without manipulating IP addresses. a) True b) False ✅ - Answer Question#14 Using a VPN can help prevent session hijacking by encrypting communication. a) True ✅ - Answer b) False Question#15 An insider threat comes exclusively from attackers outside the organization. a) True b) False ✅ - Answer Question#16 Multi-factor authentication (MFA) can reduce the risk of insider threats by requiring more than just a password. a) True ✅ - Answer b) False Question#17 Ransomware only affects a single machine and can never spread to multiple devices within a network. a) True b) False ✅ - Answer Question#18 DNS spoofing involves redirecting users to fake websites by tampering with DNS records. a) True ✅ - Answer b) False Question#19 In symmetric key cryptography, encryption and decryption use different keys. a) True b) False ✅ - Answer Question#20 Hash functions do not require keys and produce a fixed-length output from an input of arbitrary length. a) True ✅ - Answer b) False